github - ghsa-f2f7-qfwq-94j2

ghsa-f2f7-qfwq-94j2

Vulnerability from github

Published

2025-06-18 12:30

Modified

2025-06-18 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix a data-race around bpf_jit_limit.

While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-49967"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:24Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a data-race around bpf_jit_limit.\n\nWhile reading bpf_jit_limit, it can be changed concurrently via sysctl,\nWRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit\nis long, so we need to add a paired READ_ONCE() to avoid load-tearing.",
  "id": "GHSA-f2f7-qfwq-94j2",
  "modified": "2025-06-18T12:30:38Z",
  "published": "2025-06-18T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49967"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0947ae1121083d363d522ff7518ee72b55bd8d29"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ba632ad0bacb13197a8f38e7526448974e87f292"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2022-49967 (GCVE-0-2022-49967)

Vulnerability from cvelistv5

Published

2025-06-18 11:00

Modified

2025-06-18 11:00

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.

References

►

URL

Tags

	https://git.kernel.org/stable/c/ba632ad0bacb13197a8f38e7526448974e87f292
	https://git.kernel.org/stable/c/0947ae1121083d363d522ff7518ee72b55bd8d29

Impacted products

Vendor

Product

Version

►

Version: ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3
Version: ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3
Version: c98446e1bab6253ddce7144cc2a91c400a323839
Version: a1fe647042affe713a17243cd10e9b25f3d83948
Version: 43caa29c99db5a41b204e8ced01b00e151335ca8

Version: 4.20

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ba632ad0bacb13197a8f38e7526448974e87f292",
              "status": "affected",
              "version": "ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3",
              "versionType": "git"
            },
            {
              "lessThan": "0947ae1121083d363d522ff7518ee72b55bd8d29",
              "status": "affected",
              "version": "ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "c98446e1bab6253ddce7144cc2a91c400a323839",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "a1fe647042affe713a17243cd10e9b25f3d83948",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "43caa29c99db5a41b204e8ced01b00e151335ca8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "lessThan": "4.20",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.8",
                  "versionStartIncluding": "4.20",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0",
                  "versionStartIncluding": "4.20",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.9.190",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.14.140",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.19.47",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a data-race around bpf_jit_limit.\n\nWhile reading bpf_jit_limit, it can be changed concurrently via sysctl,\nWRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit\nis long, so we need to add a paired READ_ONCE() to avoid load-tearing."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-18T11:00:31.782Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ba632ad0bacb13197a8f38e7526448974e87f292"
        },
        {
          "url": "https://git.kernel.org/stable/c/0947ae1121083d363d522ff7518ee72b55bd8d29"
        }
      ],
      "title": "bpf: Fix a data-race around bpf_jit_limit.",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49967",
    "datePublished": "2025-06-18T11:00:31.782Z",
    "dateReserved": "2025-06-18T10:57:27.384Z",
    "dateUpdated": "2025-06-18T11:00:31.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.